Vulnerability CVE-2021-3631


Published: 2022-03-02   Modified: 2022-03-03

Description:
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Type:

CWE-732

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.3/10
4.9/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Redhat -> Libvirt 
Redhat -> Openshift container platform 
Redhat -> Enterprise linux 

 References:
https://access.redhat.com/errata/RHSA-2021:3631
https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2
https://bugzilla.redhat.com/show_bug.cgi?id=1977726
https://gitlab.com/libvirt/libvirt/-/issues/153

Copyright 2022, cxsecurity.com

 

Back to Top